CVE-2022-49680: ARM: exynos: Fix refcount leak in exynos_map_pmu
First published: Wed Feb 26 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: ARM: exynos: Fix refcount leak in exynos_map_pmu of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() checks null pointer.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | >=3.17<4.9.321 | |
| Linux Kernel | >=4.10<4.14.286 | |
| Linux Kernel | >=4.15<4.19.250 | |
| Linux Kernel | >=4.20<5.4.202 | |
| Linux Kernel | >=5.5<5.10.127 | |
| Linux Kernel | >=5.11<5.15.51 | |
| Linux Kernel | >=5.16<5.18.8 | |
| Linux Kernel | =5.19-rc1 | |
| Linux Kernel | =5.19-rc2 | |
| Linux Kernel | =5.19-rc3 | |
| Linux Kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/545ae5cbae839ce39bfe09828e413f1c916082de
- https://git.kernel.org/stable/c/31d09571bb071c20f6bdc0bb7ac1ef8dd2987c04
- https://git.kernel.org/stable/c/7571bcecf01b69f0d3ec60ca41ce5d4c75411a4a
- https://git.kernel.org/stable/c/f9b77a52937582a5b99a5a07e4ef1e2f48f87347
- https://git.kernel.org/stable/c/68f28d52e6cbab8dcfa249cac4356d1d0573e868
- https://git.kernel.org/stable/c/d23f76018e17618559da9eea179d137362023f95
- https://git.kernel.org/stable/c/fc354856e9fad9cd36e2ad28f9da70716025055a
- https://git.kernel.org/stable/c/c4c79525042a4a7df96b73477feaf232fe44ae81
Frequently Asked Questions
What is the severity of CVE-2022-49680?
CVE-2022-49680 has been classified as a medium-severity vulnerability due to the potential for a refcount leak in the ARM Linux kernel.
How do I fix CVE-2022-49680?
To fix CVE-2022-49680, ensure that you update to the latest version of the ARM Linux kernel where this vulnerability has been resolved.
What impact does CVE-2022-49680 have on my system?
CVE-2022-49680 can lead to a refcount leak that may result in resource exhaustion on systems using the affected ARM Linux kernel.
Who is affected by CVE-2022-49680?
CVE-2022-49680 affects systems running specific versions of the ARM Linux kernel that fail to properly handle reference counting.
Is there a workaround for CVE-2022-49680?
There are no specific workarounds for CVE-2022-49680; applying the appropriate kernel update is recommended.
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/type
- agent/title
- agent/references
- agent/author
- agent/source
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup-request
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.17
- version/linux kernel/4.10
- version/linux kernel/4.15
- version/linux kernel/4.20
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/5.19-rc1
- version/linux kernel/5.19-rc2
- version/linux kernel/5.19-rc3
- vendor/arm